Patents by Inventor Jarno Niemelä

Jarno Niemelä has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20200394298
    Abstract: A method of scanning files for malware on a computer system. The method comprises detecting a file to be scanned for malware in the computer system, determining the file being a partial file that comprises only a part of the file content, searching for an original clean file associated with the partial file, wherein the original clean file is a full copy of the partial file, based on finding a candidate original clean file associated with the partial file, calculating a partial hash of the same length as the partial file for the candidate original clean file, and based on determining that partial hashes of the candidate original clean file and the partial file match, signalling a false alarm.
    Type: Application
    Filed: June 11, 2020
    Publication date: December 17, 2020
    Inventor: Jarno NIEMELÄ
  • Publication number: 20200336460
    Abstract: It is provided a method, comprising monitoring if a firewall receives a first packet and a second packet, wherein the first packet is directed to a IP address and a first port number; the second packet is directed to the IP address and a second port number; a hole through a firewall is punched for the IP address a hole port number different from the first port number and the second port number; the first packet has a first payload; the second packet has a second payload; and the method comprises checking if the first payload is substantially the same as the second payload; causing the firewall to block the first packet and the second packet if the firewall receives the first packet and the second packet and the first payload is substantially the same as the second payload.
    Type: Application
    Filed: April 16, 2020
    Publication date: October 22, 2020
    Inventor: Jarno NIEMELÄ
  • Patent number: 10565375
    Abstract: There is provided a method for improving security of computer resources, including obtaining raw memory snapshots of a computer memory of one or more computing systems during runtime of identical processes relating to a predetermined application or a service; forming a map of expected memory behaviour relating to the application or the service based on the obtained raw memory snapshots; monitoring the memory behaviour of a computing system during the execution of the same application or the service; comparing the monitored memory behaviour of the computing system with the formed map of expected memory behaviour; and in the event that a deviation from the expected memory behaviour is detected based on the comparison, triggering an alert.
    Type: Grant
    Filed: January 23, 2017
    Date of Patent: February 18, 2020
    Assignee: F-Secure Corporation
    Inventors: Jarno Niemelä, Matteo Cafasso
  • Patent number: 10412078
    Abstract: There are provided measures for enabling advanced local-network threat response. Such measures could exemplarily comprise receiving, at a local-network honeypot entity, a username/password related authentication data in relation to a login attempt to the honeypot entity, triggering a threat response operation at a local-network backend entity upon detection of the username/password related authentication data, the threat response operation comprising testing validity of the username/password related authentication data in one or more local accounts of the local-network, and in case the username/password related authentication data is detected to be valid for any account in the local-network, determining that said account is compromised and locking the compromised account.
    Type: Grant
    Filed: October 6, 2017
    Date of Patent: September 10, 2019
    Assignee: F-SECURE CORPORATION
    Inventors: Jarno Niemelä, Janne Pirttilahti, Marko Finnig
  • Publication number: 20190188377
    Abstract: There is provided a method of detecting a threat against a computer system. The method includes creating a modular representation of behavior of known applications on the basis of sub-components of a set of known applications; entering the modular representation to an evolutionary analysis system for generating previously unknown combinations of the procedures; storing the generated previously unknown combinations as candidate descendants of known applications to a future threat candidate database; monitoring the behavior of the computer system to detect one or more procedures matching the behavior of a stored candidate descendant in the future threat candidate database; and upon detection of one or more procedures matching the behavior of the stored candidate descendant and if the stored candidate descendant is determined to be malicious or suspicious, identifying the running application as malicious or suspicious.
    Type: Application
    Filed: December 18, 2018
    Publication date: June 20, 2019
    Inventor: Jarno NIEMELÄ
  • Patent number: 10282545
    Abstract: There are provided measures for enabling the detection of a malware-usable clean file or, stated differently, the detection of malware using a clean file. Such measures could exemplarily include identifying a vulnerable clean file in a computer system, which does not constitute malware but is vulnerable for usage by malware, checking the vulnerable clean file for its threat of usage by malware, and detecting the vulnerable clean file as malware-usable clean file on the basis of a result of said checking of its threat of usage by malware.
    Type: Grant
    Filed: February 1, 2017
    Date of Patent: May 7, 2019
    Assignee: F-Secure Corporation
    Inventor: Jarno Niemelä
  • Patent number: 10148643
    Abstract: A method of authenticating or controlling a software application on an end user device. The method includes selecting a code signing certificate related to an application developer; selecting one or more clean files from a database of known clean files signed with the selected code signing certificate; generating an application developer identification for the application developer on the basis of data extracted from the selected one or more clean files; adding the generated application developer identification to a database of trusted application developer certificates; comparing a signature related to a software application to be installed on an end user device with the application developer identification for authenticating said signature; and in the event that authentication is successful, performing authentication of the software application code and/or controlling installation and/or operation of the software application.
    Type: Grant
    Filed: March 2, 2017
    Date of Patent: December 4, 2018
    Assignee: F-Secure Corporation
    Inventors: Jarno Niemelä, Mikko Hyykoski
  • Publication number: 20180103031
    Abstract: There are provided measures for enabling advanced local-network threat response. Such measures could exemplarily comprise receiving, at a local-network honeypot entity, a username/password related authentication data in relation to a login attempt to the honeypot entity, triggering a threat response operation at a local-network backend entity upon detection of the username/password related authentication data, the threat response operation comprising testing validity of the username/password related authentication data in one or more local accounts of the local-network, and in case the username/password related authentication data is detected to be valid for any account in the local-network, determining that said account is compromised and locking the compromised account.
    Type: Application
    Filed: October 6, 2017
    Publication date: April 12, 2018
    Inventors: Jarno Niemelä, Janne Pirttilahti, Marko Finnig
  • Patent number: 9910987
    Abstract: According to a first aspect of the present invention there is provided a malware detection method implemented within a computer. The method includes, for a given electronic file, determining if the file is associated with a valid digital signature. If the file is associated with a valid digital signature, then verifying that the signature belongs to a trusted source. If the signature does belong to a trusted source then not performing a malware scan of said file, and if the signature cannot be verified as belonging to a trusted source then performing said scan.
    Type: Grant
    Filed: September 7, 2009
    Date of Patent: March 6, 2018
    Assignee: F-Secure Corporation
    Inventor: Jarno Niemelä
  • Patent number: 9858416
    Abstract: According to a first aspect of the present invention there is provided a method of protecting a computer system from malware, which malware attempts to prevent detection or analysis when executed in an emulated computer system. The method comprises determining if an executable file should be identified as being legitimate and, if not, executing the executable file while providing indications to the executable file that it is being executed within an emulated computer system.
    Type: Grant
    Filed: September 13, 2016
    Date of Patent: January 2, 2018
    Assignee: F-Secure Oyj
    Inventors: Jarno Niemelä, Mikko Hyppönen, Santeri Kangas
  • Patent number: 9779267
    Abstract: A method of controlling a process on a computer system for backing-up files stored in a primary storage medium, to a secondary storage medium. The method comprises monitoring a file system implemented on the computer system in order to detect write operations made by the file system to said primary storage medium. Upon detection of a write operation, the integrity of a file being written is verified and/or changes in the file identified with respect to a version of the file currently stored in the primary storage medium and which is being replaced. In the event that the integrity of a file being written by the file system is compromised, and/or any identified changes in the file are suspicious, then the file is identified to the back-up process such that automatic back-up of the file is inhibited.
    Type: Grant
    Filed: October 7, 2009
    Date of Patent: October 3, 2017
    Assignee: F-Secure Oyj
    Inventor: Jarno Niemelä
  • Publication number: 20170257361
    Abstract: A method of authenticating or controlling a software application on an end user device. The method includes selecting a code signing certificate related to an application developer; selecting one or more clean files from a database of known clean files signed with the selected code signing certificate; generating an application developer identification for the application developer on the basis of data extracted from the selected one or more clean files; adding the generated application developer identification to a database of trusted application developer certificates; comparing a signature related to a software application to be installed on an end user device with the application developer identification for authenticating said signature; and in the event that authentication is successful, performing authentication of the software application code and/or controlling installation and/or operation of the software application.
    Type: Application
    Filed: March 2, 2017
    Publication date: September 7, 2017
    Inventors: Jarno NIEMELÄ, Mikko HYYKOSKI
  • Publication number: 20170220800
    Abstract: There are provided measures for enabling the detection of a malware-usable clean file or, stated differently, the detection of malware using a clean file. Such measures could exemplarily include identifying a vulnerable clean file in a computer system, which does not constitute malware but is vulnerable for usage by malware, checking the vulnerable clean file for its threat of usage by malware, and detecting the vulnerable clean file as malware-usable clean file on the basis of a result of said checking of its threat of usage by malware.
    Type: Application
    Filed: February 1, 2017
    Publication date: August 3, 2017
    Inventor: Jarno NIEMELÄ
  • Publication number: 20160378985
    Abstract: According to a first aspect of the present invention there is provided a method of protecting a computer system from malware, which malware attempts to prevent detection or analysis when executed in an emulated computer system. The method comprises determining if an executable file should be identified as being legitimate and, if not, executing the executable file whilst providing indications to the executable file that it is being executed within an emulated computer system.
    Type: Application
    Filed: September 13, 2016
    Publication date: December 29, 2016
    Inventors: Jarno Niemelä, Mikko Hyppönen, Santeri Kangas
  • Patent number: 9501644
    Abstract: According to a first aspect of the present invention there is provided a method of protecting a computer system from malware, which malware attempts to prevent detection or analysis when executed in an emulated computer system. The method comprises determining if an executable file should be identified as being legitimate and, if not, executing the executable file while providing indications to the executable file that it is being executed within an emulated computer system.
    Type: Grant
    Filed: March 15, 2010
    Date of Patent: November 22, 2016
    Assignee: F-Secure Oyj
    Inventors: Jarno Niemelä, Mikko Hyppönen, Santeri Kangas
  • Patent number: 9407761
    Abstract: A method and apparatus for managing communications in a communication network. A telephony device determines that a software application is attempting to contact an E.164 number. It then determines that the E.164 number matches at least one predetermined criterion, such as the E.164 number being a premium rate number or having a different country code to that of the device. The device then sends a query to a reputation server. The query includes information identifying the software application. The device receives a response from the reputation server, the response including a reputation relating to the software application. On the basis of the received reputation relating to the software application, the device can take further action such as preventing contact from being established.
    Type: Grant
    Filed: January 18, 2011
    Date of Patent: August 2, 2016
    Assignee: F-Secure Corporation
    Inventor: Jarno Niemelä
  • Patent number: 9225725
    Abstract: A method of controlling access to web content at a client computer. The method includes registering an access control status at the client computer, and detecting an attempt to access a website having an access control mechanism. In response to such detection, the access attempt is suspended and said access control status registered at the client computer compared with an access control status currently registered at the website. If these do not correspond, then the access control status registered at the website is changed to correspond with that registered at the client computer.
    Type: Grant
    Filed: May 19, 2014
    Date of Patent: December 29, 2015
    Assignee: F-Secure Corporation
    Inventor: Jarno Niemelä
  • Patent number: 9191392
    Abstract: An example embodiment of the present invention provides an apparatus including at least one processor; and at least one memory including executable instructions, the at least one memory and the executable instructions being configured to, in cooperation with the at least one processor, cause the apparatus to perform at least the following: retrieving, from a reputation server, reputation data of uniform resource locators (URL) of one or more web sites relating to one or more web site features that are available via the web site; and determining executable web site features on the basis of the retrieved reputation data.
    Type: Grant
    Filed: January 7, 2014
    Date of Patent: November 17, 2015
    Assignee: F-Secure Corporation
    Inventor: Jarno Niemelä
  • Patent number: 9055101
    Abstract: In accordance with an example embodiment of the present invention, there is provided a computing device, including at least one processor; and at least one memory including computer program code the at least one memory and the computer program code configured to, with the at least one processor, cause the device to perform at least the following: receive near field communication device data related to a specific NFC device; generate a reputation query on the basis of the received NFC device data; send the generated reputation query to a service provider; receive reputation data, retrieved from a reputation database of NFC device reputation information, related to the specific NFC device from the service provider; and take further action on the basis of the received reputation relating to the specific NFC device.
    Type: Grant
    Filed: October 12, 2011
    Date of Patent: June 9, 2015
    Assignee: F-Secure Corporation
    Inventors: Kimmo Kasslin, Jarno Niemelä
  • Patent number: 9021136
    Abstract: The present invention relates to a method for synchronizing files between devices between two devices. The method includes creating a rule to control the synchronization of the file. The rule includes at least one condition for synchronization which is dependent upon a property of a device.
    Type: Grant
    Filed: April 2, 2012
    Date of Patent: April 28, 2015
    Assignee: F-Secure Corporation
    Inventors: Mika Ståhlberg, Mikko Hyppönen, Kimmo Kasslin, Antti Tikkanen, Jarno Niemelä, Jarkko Konola